<?php
/**
 * 登陆
 */
class LoginController extends Controller_Base {

	/**
	 * 单点登陆凭证验证
	 * @return [type] [description]
	 */
	public function checkAction() {
		$sid = $this->getRequest()->getParam('sid');
		$url = $this->getRequest()->getParam('url');
		$url = base64_decode($url);
		$username = $this->getRequest()->getParam('username');
		$key = $this->getRequest()->getParam('key');

		if ($username != '') {
			$model = new Application_Model_Privilege();
			$user = $model->getUserByName($username);
			if (!$user) {
				exit("user not exist");
			}
		}
		if ($sid && $username && $key && $url) {
			$ssoHost = Helper_Config::get('base', 'sso', 'host');
			$loginUserInfo = file_get_contents($ssoHost . "login/index/checksso/?sid=" . $sid);
			if (trim($loginUserInfo) == 'fbd') {
				exit('fbidden');
			}

			$userinfo = json_decode(base64_decode($loginUserInfo));
			if (empty($userinfo)) {
				exit('user is empty');
			}
			foreach ($user as $key => $value) {
				$this->_session->$key = $value;
			}
			// 找出本USER的节点
			$model = new Application_Model_Privilege();
			$user['auth'] = $model->getUserPrivilege($user['user_id']);
			$user['role'] = $model->getUserRolesByUserId($user['user_id']);
			$this->_session->currentLoginUser = $user;
			// 超级管理员
			$this->_session->is_admin = $userinfo->isadmin ?? 0;
			$this->_session->password = $userinfo->password;
			if ($this->_session->user_name != $userinfo->username) {
				exit('user fbidden2');
			}
			header('Location: ' . $url); //跳转到登陆前的页面
			exit;
		} else {
			$this->_ssoLogin();
			exit();
		}
	}
}